Lucene search
K

4 matches found

WPVulnDB
WPVulnDB
added 2019/07/17 12:0 a.m.14 views

All-in-One WP Migration <= 6.97 - Authenticated Cross-Site Scripting (XSS)

An attacker would already have to be able to either compromise the database or gain access to a user account with high enough privileges to view the backup history, so some damage has already been done, but such an attacker could then also insert some XSS in order to compromise other admin users...

2.2AI score
Exploits0References2Affected Software1
wpexploit
wpexploit
added 2019/07/17 12:0 a.m.17 views

All-in-One WP Migration <= 6.97 - Authenticated Cross-Site Scripting (XSS)

An attacker would already have to be able to either compromise the database or gain access to a user account with high enough privileges to view the backup history, so some damage has already been done, but such an attacker could then also insert some XSS in order to compromise other admin users...

Exploits0References2
NVD
NVD
added 2008/12/24 6:29 p.m.17 views

CVE-2008-5709

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager CM 3.1 before 3.1.4 SP2, 4.0 before 4.0.3 SP1, and 5.0 before 5.0 SP3 allow remote authenticated users to execute arbitrary code via unknown attack vectors in the 1 Set Static Routes and 2 Backup...

9CVSS7.4AI score0.03349EPSS
Exploits0References8
Prion
Prion
added 2008/12/24 6:29 p.m.13 views

Design/Logic Flaw

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication Manager CM 3.1 before 3.1.4 SP2, 4.0 before 4.0.3 SP1, and 5.0 before 5.0 SP3 allow remote authenticated users to execute arbitrary code via unknown attack vectors in the 1 Set Static Routes and 2 Backup...

9CVSS8AI score0.03349EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder